IN THE DRAWINGS: 



Formal corrected drawings were supplied with the 
Amendment dated February 4, 2004. 
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REMARKS 



In response to the Examiner's Office Action of October 
20, 2004, Applicants have now amended the claims to particularize 
the client-server means of - specialized client-server means 
utilizing a Unisys ClearPath client -server. 

This is done since the Examiner had indicated that the 
relationship of interconnecting modules was not stated and that 
Applicants did not specify the Unisys ClearPath server. 

A. The Examiner has rejected claims 1-3, 7-9, 11 and 12, 

under 35 USC 102(b) as being anticipated by the Seitz Reference 
"A", U.S. Patent 5,805,823. Additionally, while Examiner has not 
cited Applicants 1 Information Disclosure Statement which provided 
the KNAS (Rerberos Network Authentication Service), however. 
Examiner has still cited aspects of this document. Applicants 
would now reiterate their previously provided arguments. 

At this point. Applicants would traverse Examiner's 
contention that the Seitz patent, 5,805,823, anticipates 
Applicants 1 invention . 

As seen in Examiner's paragraph 1 on page 4 of his 
Office Action, the Examiner has cited a series of items 
— "a", "b", "C, "d". . ."g", "h", n i n , n j", "k". 

Here, Examiner has selected various bits and pieces of 
Applicants' claims and the Examiner has cited and 
pulled-up a variety of other elements from the Kerberos 
Network Authentication Service, in addition to certain 
aspects of the Seitz reference. Thus, the Examiner is 
trying to re-create Applicants' invention as stated in 
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these claims by picking and choosing bits and pieces 
from other references. 

In a case reported in the Bureau of National 
Affairs Patent , Trademark & Copyright 
Journal , on page 109 of the issue dated 
December 10 # 1992, the case of Price v. Code 
Alarm, Inc. , which was decided on November 5, 
1992, by the United States District Court of 

the Northern District of California here, 

it was indicated that combination claims are 
not invalid for obviousness merely because 
similar elements appear in separate prior art 
references* The court stated that one may 
not pick and choose among the individual 
elements of prior art references in order to 
re-create the basis of the invention. 
Further, the court declared: 

A holding that combination claims are invalid 
based merely on finding similar elements in 
separate prior art patents would be "contrary 
to statute and could defeat the congressional 
purpose in enacting Title 35" . • . not only 
must the claimed combination be considered as 
a whole under the express mandate of USC 103, 
but the prior art references must also be 
considered in their entireties to determine 
whether they suggest the desirability of 
making the combination which Code-Alarm 
asserts renders claims 7 and 8 obvious, 
(underlines added) • 
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However, while the above reference was applied to 
Article 103(a) obviousness situations, the similar situation will 
occur as indicated by the following reference regarding 
anticipation under Article 102* 

In the case of Kalman v. Kimherly-Clark 
Corporation , 713 F.2d 760, 218 USPQ 781, 789 
decided by the Federal Circuit in 1983, the 
following was indicated by the Court: 

A party asserting that a patent claim is 
anticipated under 35 USC Article 102, must 
demonstrate among other things, identity of 
invention . Identity of invention is a question of 
fact, and one who seeks such a finding must show 
that each element of the claim in issue is found, 
either expressly described or under principles of 
inherency in a single prior-art reference, or that 
the claimed invention was previously known or 
embodied in a single prior-art device or practice . 
Preliminary to this determination, is construction 
of the claims to determine their meaning in light 
of the specification and prosecution history which 
construction is a matter of law for the Court, 
(underlines added) . 

In order to indicate that there is a relationship 
between anticipation and obviousness. Applicants would now cite 
the case of Jones v» Hardy , 220 USPQ 1021, 1025, decided by the 
Federal Circuit in 1984 where it was stated: 
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Though anticipation is the epitome of 
obviousness, they are separate and distinct 
concepts. 

Then, further. Applicants would recite the case of 
Mendenhall v. Aztec Industries, Incorporated , 13 USPQ 2d 1913, 
1928, decided in Tennessee in 1988, and affirmed by the Federal 
Circuit in 1989 at 13 USPQ 2d, p. 1956. The conclusion here was 
as follows: 

When a claimed invention is not identically 
disclosed in a reference, and instead 
requires picking and choosing among a number 
of different options disclosed by the 
reference, then the reference does not 
anticipate . 

Then, in the case of Minnesota Mining and Manufacturing 
Company v. Johnson & Johnson Orthopaedics, 
Incorporated , decided by the Federal Circuit in 1992, 
and reported at 24 USPQ 2d pp. 1321, 1326, the 
following was stated: 

A party asserting that a patent claim is 
anticipated under 35 USC Article 102 "must 
demonstrate . . . identity of invention". 

Of course, in the above situation, there is no way that 
the Examiner can demonstrate any complete identity of 
invention as will be explicitly discussed and described 
in succeeding remarks herein. 
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To reiterate Kalman v. Kimberly-Clark , 218 USPQ 781 # 

the Federal Circuit indicated that the claimed 

invention must have been in a single prior art 
reference to constitute ^anticipation" • 

Then, as a further note, in the case of Ultradent 
Products, Incorporated v. Life-Like Cosmetics, Incorporated , 
reported at 39 USPQ 2d, 1969 at p. 1980, decided in Utah in 1996, 
the following would clearly indicate the situation as follows: 

Any degree of physical difference, however slight, 
invalidates claims of anticipation. 

B. Now, to cite some of the clauses involved when looking 

at claims 1-3, 7-9, 11 and 12, and the various cited elements "a", 

n b n , n c n . . . n h n , "i", "j n , "k n , at Examiner's element n b n 

regarding asynchronous authentication, where the Examiner cited 
the Seitz reference, column 19, line 23, et seq . Here, it should 
be noted that the only mention by Seitz is that an authentication 
protocol may be used, for example, Kerberos, DSA RSA, and the 
like* 

But note here, Seitz has no implementation or 
concept of implementation as is shown and 
indicated in Applicants 1 Figs. 15, 16, 17. 
There is no way that this statement of Seitz 
can be stretched or taught to teach 
Applicants 1 system. Further, there is nothing 
in the Kerberos Network Authentication 
Service which teaches or shows the elements 
involved in Applicants 1 Figs. 15, 16 and 17, 
and the description thereof. 
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The Examiner has cited several items, such as items 
V, "g", "h", n i n # "j", "k", to refer to terminology in the 
document of the Kerberos Network Authentication Service. These 
statements here do not in any fashion describe or teach the 
methodology and the inter-coqperating modules which are shown in 
Applicants 1 Figs. 15 , 16 and 17. There is no way that the 
stat em ents of Seitz and any statements made in the Kerberos 
Network Authentication Service document could show # teach or 
indicate the specific arrangements and functional operations of 
Applicants' Figs. 15, 16 and 17. 

Seitz operates message transmission from (a) 
client to (d) server back to (a) client. Quite 
differently. Applicant operates from (a) client to 
(b) specialized ClearPath to (c) Kerberos Server, 
then back to (a) client, that is, i.e., a-b-c-a. 

C. It will be of considerable benefit to look at the Seitz 

patent and compare it to the operations of Applicants 1 invention 
in order to see the considerable differences involved, so that any 
question of anticipation would be immediately obviated. 

CI. It should be indicated that the Seitz reference in 

essence, works to "handle messages" (transfer data asynchronously) 
between Applications in the client -server network. 

Quite differently, Applicants' system involves the 
handling of messages (data transfer asynchronously) 
between an application and a server in a client-server 
network. Note that this involves a considerable 
difference in the function and architectural 
arrangements involved. 

Applicants' system is specific to data transfer between 
the client (and/or clients) to a server which involves 
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a specialized Unisys ClearPath server operating within 
the Kerberos Realm, and this data transfer is done via 
an intermediary server designated as a Kerberos Server. 

There is no such teaching in the Seitz 
reference, nor can Seitz be combined with the 
KNAS document to design or provide such a 
system. 

C2. It will be seen that Seitz operates at a high level 

asynchronous message handling between cl ient s • (a-d-a) i.e., 
client (a) to server (d) to client (a) . 

Note, that Applicants are involved and directed to 
" client authentication " in a Kerberos Realm using 

an asynchronous data exchange between a client 
(clients) and a series of servers (a-b-c-a) . 

Re Applicants' Pig. 16, client (a) - special 
Unisys Server (b) - Kerberos server (c) 
client (a) . 

The differentiation between Seitz and Applicants 1 
system is that applications in Seitz are run in "an 
application environment on a server". 

Applicants 1 system focuses to the data handling 
between an application (applications) running in 
the application environment and involves a service 
provided at the "operating systems level" 
environment . 

Seitz in no way speaks to message or data 
handling between the "application level 
environment " , over to the "server level 
environment" . The server environment is a 
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pass-thru for holding or sending on messages. 
Applicants 1 system speaks to the managing of 
data sent from a client (clients) to the 
server with a return of the proper 
authentication signal. 

C3. The thrust of Applicants' system is not so much about 

asynchronous message handling, but rather involves the 
"authentication" of a client in a Kerberos Realm via an 
asynchronous data exchange protocol. Applicants 1 system provides a 
unique arrangement in that there is a client and an exchange — 
there is an exchange from client to a first server, then to second 
server, as will be seen in Applicants' figs. 15, 16 and 17. 

It should be noted that the Seitz relation is 
from "client to server to client", where the 
so-called "messages" in Seitz are directed 
from client to client via a message handler 
on a server. 

C4. The Seitz reference may be designated as "generic 

message exchange". Quite differently, Applicants 1 system is a 
specific set of data streams (as defined in Kerberos) that are 
initiated by a client, that is to say, a specific client 
application, such as a terminal emulator that "speaks" a specific 
protocol . 

This is unique to Kerberos, where data is sent to a 
server, that is to say, a Kerberos Server, which 
performs certain actions on that server related to user 
"authentication". This Kerberos Server, after 
performing various authentication routines and 
activities, then forwards data to a Unisys ClearPath 
Server with a specific server-level software , (also 
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known as the Operating System Software) which then 
takes the data received and then either " authenticates 
or rejects " the client data* The generated data from 
the Unisys ClearPath Server is then passed back to the 
Kerberos Server and then to the client for further 
action based on the type of response generated. 

Again, this data is passed via an asynchronous data- 
handling protocol. The various modules involved and 
the functional steps involved are shown in Applicants' 
Figs. 15, 16 and 17 in abbreviated form. 

C5. Applicants 1 asynchronous data handling protocol is 

unique to that particular environment because of the 
aforementioned data/message path which involves: (a) client - 
server; (b) specialized ClearPath server; and (c) Kerberos server. 
Quite differently, the Seitz reference is merely: (a) client; (d) 
server; (a) client. The Applicants' sequence (a) , (b) , (c) , (a) is 
quite different from Seitz' (a),(d),(a). 

The big difference here must be stressed, since 
the servers in Applicants 1 system are not running 
applications merely to handle this data exchange. 
The servers in Applicants' system provide services 
in the operational system environment. 

It will be seen that Seitz claims a client — 
server — client message handling system, but 
in looking at the detail of the Seitz 
reference, the so-called "server" in Seitz is 
actually running an application in the 
"application environment" in order to process 
a message exchange between two client 
applications . 
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Referring to Seitz column 4, line 29 

"The server application 110 maintains a list 
120 . . . Thus, Seitz is utilizing an 

application for message exchange, but quite 
differently. Applicants 1 system operates 
using a data exchange through a server 
service provided at the Operating System 
level and not at the application level. 

C6. It should be noted that since Seitz is handling the 

message exchange using an application, while Applicants' system is 
using a server service for data exchange, then Applicants 1 method, 
will by its nature, be much more efficient and operate under an 
algorithm which is much more reliable . 

Seitz 1 application on the server requires server 
services. But Applicants 1 method is providing the 
service without going through an additional 
"layer" of additional application* It is noted 
that the more layers involved, the less efficient 
is the system, and the more layers involved there 
is a slower factor in the response time. 

C7. Taking a more general look at the Seitz reference, it 

would appear that Seitz is speaking to the idea of a generic 
message handling in a " traditional" client/server network . Quite 
differently. Applicants' system and method (of Fig. 17) has a 
specific protocol related to a Kerberos environment where data is 
passed from: (a) client (terminal emulator), to (b) a Kerberos 
Server (KDC), to (c) a Unisys ClearPath Server. The relationship 
here is (a),(b),(c). 
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Both Seitz and Applicants are also "handling" 
asynchronous messages, but they are being handled 
in a different environment. Seitz is handling 
generic messages , while Applicants are focused on 
" aut hent ica t ion " in a Kerberos Realm, which is one 
of the activities associated with the asynchronous 
data handling, but in quite a different 
environment from that of Seitz* 

C8. Regarding the KNAS inferences cited by Examiner, 

Applicants are in no way attempting to claim the origination of 
the so-called authentication algorithms developed in the Rfc 1510 
of KNAS. 

On the other hand, Applicants 1 system and method 
uses a number of "services" supplied by Kerberos 
and/or within a Kerberos Domain. 

What makes Applicants 1 system unique is that 
the Unisys ClearPath Server which is 
participating in the Kerberos Realm must also 
authenticate a client within its domain, and 
these services reside on the Unisys ClearPath 
Server. 

All participants within the Kerberos Realm follow a 
Kerberos authentication protocol. Applicants' system 
sets forth that type of "authentication" within the 
Kerberos Realm to operate between the Kerberos Server 
and the Unisys ClearPath Server, which is a one-to-one 
Server-to-Server protocol, which is a unique 
arrangement . 

That the client application (Terminal Emulator) request 
for authentication, must first be authenticated by the 
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Kerberos Server, and then in turn, handled by the 
Unisys ClearPath Server, is not considered or shown by 
the Rfc 1510 of KNAS. 

There is no discussion in Rfc 1510, as to the data 
handling between participants in the Kerberos Realm and that is 
why Applicants 1 method of asynchronously handling of data between 
client to Kerberos Server, to Unisys ClearPath Server, is a unique 
arrangement . Neither Seitz nor Rfc 1510 speak to data handling in 
an asynchronous fashion from client — to specialized server — to 
Kerberos server, back to the client. This is: (a) , (b) , (c) , (a) in 
sequence. The only aspect of Rfc 1510 (within the Kerberos Realm) 
is that which speaks only of X1 client to server to client", 
(a),(d),(a) authentication. But note in Applicants' method, 
Applicant requires " additional authentication " by the Unisys 
ClearPath Server and has the associated asynchronous data han d l ing 
to achieve said authentication. 

D. Examiner has further rejected claims 4-6, 10 and 13-15 

under 35 USC 103(a) obviousness as unpatentable over the Seitz 
reference, further in view of the Schanze, U.S. Patent 6,003,136. 

Contrary to Examiner's statement, the Seitz references 
does not teach the use of asynchronous authentication 
of multiple concurrent clients in a Kerberos 
environment to maximize network efficiency. Further, 
Seitz does not teach or show the implementation of 
Applicants' Master Control Program, General Security 
Service Library, or the Kerberos Support Library. 

Regarding claims 4-6 and 13-15, wherein Examiner has 
rejected these under 103(a) as ^obvious" over Seitz in view of 
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Schanze, U.S. Patent 6,003,136. Again, Applicants would traverse 
such a conclusion by the Examiner. 

Examiner has stated that one of ordinary skill 

would be "motivated" to incorporate the program means (in the 
cited Schanze U.S. Patent 6,003,136) since x 136 " suggests " (?) that 
the overhead associated with Kerberos systems may be "obviated" 
though use of programs that allow continuous processing - the 
Examiner citing Schanze x 136 at: (i) column 2, lines 35-45 and 
(ii) column 3, lines 10-35. 

A look at item (i) in column 2 only states that each 
computer in a network must run Kerberos software and 
Kerberos grants a ticket which is honored by network 
co mp uters • 

A look at item (ii) in column 3 discussed the problem 
of an inordinate period of time that a client or server 
is required to wait after requesting a response to a 
Kerberos command. 

Thus, x 136 has no valid "suggestion" as to how overhead 
can be obviated. 

Also here, Schanze N 136 states that his mechanism 

permits the requesting client or server's programs to continue to 
handle requests while the Kerberos server generates a response. 

These so-called "suggestions" do not teach the 
implementation which is shown in Applicants' claims and in 
Figs. 15, 16 and 17. Also, there is nothing in Seitz which states 
or indicates that Schanze x 136 could be added to or combined with 
Seitz to configure it to form Applicants 7 system. Here, the 
Examiner is using hindsight to develop Applicants' invention with 
no warrant for combining them. 
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E. Examiner, at page 6 of his Office Action of November 

17, 2003 # paragraph 2, had stated as to claims 4-6, 10 and 13-15 
of Applicants' claims, that there are a number of items designated 
"a", n b n , n c n , . . . "o", "p", n q n , "r", which Examiner has 
selected from bits and pieces of the Seitz reference and from the 
document on Kerberos Network Authentication Service, and from the 
mentioned earlier reference of Schanze 6,003,136. 

Here again, we see that the Examiner has been 
taking bits and pieces from various reference 
elements and then trying to patch them together to 
re-create Applicants' invention. 

Here, Applicants would cite the case of Appeal No. 
2001-1102 in the United States Patent & Trademark Office, Board of 
Patent Appeals and Interferences, which was decided on January 16, 
2002, where the Board had stated as follows, as indicated at 63 
USPQ 2d, p. 1196: 

Patent Examiner's rejection of Applicants' 
cla ims on grounds of anticipation and 
obviousness over prior art reference are 
vacated, since Examiner has made no cogent 
attempt to read reference into independent 
claim in application, and therefore has not 
established that he determined that all 
limitations of Applicants' claims are 
explicitly or inherently described by prior 
art and since Examiner's finding that 
independent claim is "generically" described 
by reference is insufficient for obviousness 
rejection; Examiner's rejection for 
anticipation based on second prior art 
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reference is reversed, since that reference 
does not disclose specific combination of 
components set out in Applicants 1 independent 
claim. Further, Applicants would reiterate 
the previous reference to the case of Price 
y. Code Alarm, Inc. , decided November 5, 1992 
by the U.S. District Court of the Northern 
District of Illinois, where it was indicated: 
That combination claims are not invalid for 
obviousness merely because similar elements 
appear in separate prior art references . The 
Court stated that one may not pick and choose 
among the individual elements of prior art 
references in order to re-create the basis of 
the invention. . . • Not only must the claim 
combination be considered as a whole under 
the express mandate of USC 103, but the prior 
art references must also be considered in 
their entireties to determine whether they 
suggest the desirability of making the 
combination .... (underlines added) . 

There is no combination of information in the Seitz 
reference or in the Kerberos Network Authentication Service 
document which can teach the functionality and the architecture of 
Applicants 1 Figs. 15, 16 and 17, which, as was previously stated, 
involve an operating level relationship between the Client 10, the 
Clear Path Server 13 and the Kerberos Server 20, which operate on 
an asynchronous basis to pass authentication data back to the 
client or clients requesting it. 
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Again note, that Applicants 1 system and method involve 
an asynchronous data exchange from client to ClearPath 
Server to Kerberos Server, which is couplet ely 
different than the Seitz operation from client to 
server back to client* 

Applicants 1 system is providing this service 
without going through an additional "layer" 
of application, where it should be noted that 
the more layers involved, the less efficient 
is the system and the more layers involved 
develop a slower response. 

Again, it should be reiterated that the concern and 
focus of Applicants 1 system is that of "authentication" 
done with specific modules involving a ClearPath Server 
and a Kerberos Server which is not taught by, or 
implemented in any way by the cited reference or the 
KNAS documents* 

As will be noted in Fig. 1 of Seitz, the Server 
computer 102 operates to interchange messages between client 
computer 104 having client applications 106 and other client 
computers 104 having client applications 106. Also, the fact that 
Seitz ^mentions" a Kerberos environment at column 19, line 33 et 
seq . , does not teach the functionality and architecture of 
Applicants' system. 

Further, the fact that Seitz, at column 19 lines 23, et seq. 
which briefly discusses authentication, does not show or 
teach or implement any system for authentication as is shown 
by Applicants 1 Figs. 15, 16 and 17. 
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Amendments have been made to the claims in order to 
correct the lack of specificity as to the Unisys ClearPath server 
as indicated by the Examiner, Now, with the extant claims shown 
to be a combination of elements which must be considered as a 
whole in their entirety, it is now respectfully requested that 
Examiner look at the claims as a whole in their entirety as an 
overall functioning system, which in no way can be recreated from 
the combination of elements from Seitz or KNAS or Schanze. 

In this regard it is now respectfully requested that 
Examiner consider the defined invention as a whole in its entirety 
and subsequently provide a timely Notice of Allowance for the 
extant claims. 

Respectfully submitted. 
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